This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/2km5CePTq7_BnWDbbdzBAnFRzXw.roa File: 2km5CePTq7_BnWDbbdzBAnFRzXw.roa (raw, json) Hash identifier: odLHriDBowdLruRMyp7oP30CTWfC4IMigBLHf3TCMXY= Subject key identifier: DA:49:B9:09:E3:D3:AB:BF:C1:9D:60:DB:6D:DC:C1:02:71:51:CD:7C Certificate issuer: /CN=4b48cf146b4c73d274096d705708d24b729329f8 Certificate serial: 019B7F16041C4973922EAD2DE0B1E6E8B4BF Authority key identifier: 4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/2km5CePTq7_BnWDbbdzBAnFRzXw.roa Signing time: Fri 02 Jan 2026 14:21:47 +0000 ROA not before: Fri 02 Jan 2026 14:21:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34343 IP address blocks: 85.12.56.0/24 maxlen: 24 91.148.192.0/24 maxlen: 24 91.148.224.0/22 maxlen: 24 91.148.228.0/22 maxlen: 24 91.148.236.0/22 maxlen: 24 91.148.236.0/24 maxlen: 24 91.148.237.0/24 maxlen: 24 91.148.238.0/24 maxlen: 24 91.148.239.0/24 maxlen: 24 91.148.240.0/22 maxlen: 24 91.148.244.0/22 maxlen: 24 91.148.248.0/24 maxlen: 24 91.148.249.0/24 maxlen: 24 176.124.71.0/24 maxlen: 24 185.91.29.0/24 maxlen: 24 193.138.220.0/24 maxlen: 24 195.200.84.0/24 maxlen: 24 195.200.85.0/24 maxlen: 24 2a01:788:aaaa::/48 maxlen: 48 2a01:788:aaab::/48 maxlen: 48 2a01:788:aaac::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.mft rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:16:04:1c:49:73:92:2e:ad:2d:e0:b1:e6:e8:b4:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4b48cf146b4c73d274096d705708d24b729329f8 Validity Not Before: Jan 2 14:21:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=da49b909e3d3abbfc19d60db6ddcc1027151cd7c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:fe:7f:25:65:cd:84:09:bd:a3:f4:03:7e:52: 4e:4b:ba:56:c2:fc:0a:22:03:53:26:a9:b2:b5:d5: 67:6e:6c:f7:57:bc:05:cf:c0:38:ca:60:30:1c:30: 12:e2:61:e4:bf:d1:66:f8:af:a9:05:9d:3d:3d:57: 86:6d:b6:e5:9a:8f:ee:2e:0d:58:c8:ff:c1:18:9f: 67:6e:ae:31:6f:4c:14:e2:80:89:f1:6b:f4:01:fe: 24:62:0d:94:07:87:a5:ce:dd:97:5e:77:f8:63:3c: 1b:75:de:9d:69:73:b3:af:15:77:2a:fb:0a:70:17: c0:ae:7a:40:a0:0b:55:8d:3f:40:c8:d7:fc:18:83: 4d:ad:fd:ee:cc:75:49:64:a6:92:d8:6c:70:be:ef: 94:40:d6:e1:0a:3f:7b:79:64:37:7d:9d:93:50:14: 4e:15:46:38:80:e9:d9:c8:59:0b:67:b5:b2:ed:df: cd:14:3a:80:ea:e2:34:21:a6:8b:12:7d:f5:92:4f: b2:e4:bd:2d:33:9c:e9:d4:02:64:f6:09:cc:69:22: 2e:fc:bd:d5:35:a6:63:f4:b3:18:e0:f7:51:05:00: ab:54:e0:78:10:f0:b1:50:55:b6:4b:64:1e:ac:8e: d9:f0:11:56:e4:ae:6d:28:41:f1:4b:96:c9:54:74: 8d:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:49:B9:09:E3:D3:AB:BF:C1:9D:60:DB:6D:DC:C1:02:71:51:CD:7C X509v3 Authority Key Identifier: keyid:4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/2km5CePTq7_BnWDbbdzBAnFRzXw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.12.56.0/24 91.148.192.0/24 91.148.224.0/21 91.148.236.0-91.148.249.255 176.124.71.0/24 185.91.29.0/24 193.138.220.0/24 195.200.84.0/23 IPv6: 2a01:788:aaaa::-2a01:788:aaac:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 39:41:53:85:a0:1d:85:c6:15:05:1a:8a:3a:53:9c:0a:16:84: 2d:2c:39:5b:ca:c5:82:8e:9a:67:85:0d:52:8c:39:4d:8a:14: d9:f0:61:75:0c:cc:21:24:6c:e8:54:ff:04:7c:4f:13:1c:bf: f8:01:e1:7d:bc:e7:1d:a4:7b:5e:d3:cf:9b:28:9b:f1:89:09: 68:64:04:32:71:b4:30:f1:34:3d:64:2c:45:89:df:20:6d:51: 28:82:e9:f5:fe:1a:b6:89:71:50:d6:61:03:f3:e0:1f:e1:53: f8:7b:5e:6e:43:8b:d9:31:c5:97:f0:ec:25:7c:d8:d0:0b:83: ed:8a:6f:99:ef:0d:c3:79:c3:48:cf:80:8e:7e:c1:ee:c5:c1: 22:07:19:12:dd:10:4c:09:2d:ac:95:0f:c3:1d:2e:ea:b0:c3: be:d2:62:f1:ec:3f:1a:be:ad:9b:3a:95:f6:81:a2:34:c8:f3: 8f:ba:cd:57:03:4b:22:81:f1:93:8e:c2:20:99:92:05:13:7f: e2:04:a5:31:82:b4:6a:62:30:ba:ec:31:45:cf:40:74:2a:be: d9:b7:a5:52:33:21:6b:65:3d:7f:48:d7:ac:b7:4e:37:98:87: e5:a3:f2:10:4e:0f:6e:46:a1:7b:e2:87:d1:44:8c:76:f7:e2: 53:61:c7:b7 -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgISAZt/FgQcSXOSLq0t4LHm6LS/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRiNDhjZjE0NmI0YzczZDI3NDA5NmQ3MDU3MDhkMjRiNzI5 MzI5ZjgwHhcNMjYwMTAyMTQyMTQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYTQ5YjkwOWUzZDNhYmJmYzE5ZDYwZGI2ZGRjYzEwMjcxNTFjZDdjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/5/JWXNhAm9o/QDflJOS7pWwvwK IgNTJqmytdVnbmz3V7wFz8A4ymAwHDAS4mHkv9Fm+K+pBZ09PVeGbbblmo/uLg1Y yP/BGJ9nbq4xb0wU4oCJ8Wv0Af4kYg2UB4elzt2XXnf4Yzwbdd6daXOzrxV3KvsK cBfArnpAoAtVjT9AyNf8GINNrf3uzHVJZKaS2Gxwvu+UQNbhCj97eWQ3fZ2TUBRO FUY4gOnZyFkLZ7Wy7d/NFDqA6uI0IaaLEn31kk+y5L0tM5zp1AJk9gnMaSIu/L3V NaZj9LMY4PdRBQCrVOB4EPCxUFW2S2QerI7Z8BFW5K5tKEHxS5bJVHSNgwIDAQAB o4ICVzCCAlMwHQYDVR0OBBYEFNpJuQnj06u/wZ1g223cwQJxUc18MB8GA1UdIwQY MBaAFEtIzxRrTHPSdAltcFcI0ktykyn4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMt NjRhNmEwNWI5OTA1LzEvMmttNUNlUFRxN19CbldEYmJkekJBbkZSelh3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMtNjRhNmEwNWI5OTA1 LzEvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDA+BAIAATA4AwQAVQw4AwQA W5TAAwQDW5TgMAwDBAJblOwDBAFblPgDBACwfEcDBAC5Wx0DBADBitwDBAHDyFQw GgQCAAIwFDASAwcBKgEHiKqqAwcAKgEHiKqsMA0GCSqGSIb3DQEBCwUAA4IBAQA5 QVOFoB2FxhUFGoo6U5wKFoQtLDlbysWCjppnhQ1SjDlNihTZ8GF1DMwhJGzoVP8E fE8THL/4AeF9vOcdpHte08+bKJvxiQloZAQycbQw8TQ9ZCxFid8gbVEogun1/hq2 iXFQ1mED8+Af4VP4e15uQ4vZMcWX8OwlfNjQC4Ptim+Z7w3DecNIz4COfsHuxcEi BxkS3RBMCS2slQ/DHS7qsMO+0mLx7D8avq2bOpX2gaI0yPOPus1XA0sigfGTjsIg mZIFE3/iBKUxgrRqYjC67DFFz0B0Kr7Zt6VSMyFrZT1/SNest043mIflo/IQTg9u RqF74ofRRIx29+JTYce3 -----END CERTIFICATE-----Generated at Mon Jan 12 04:03:42 2026 by rpki-client